draft-ietf-trade-voucher-vtsapi-05.txt   draft-ietf-trade-voucher-vtsapi-06.txt 
Trade Working Group February 2003 Trade Working Group February 2004
INTERNET-DRAFT Masayuki Terada INTERNET-DRAFT Masayuki Terada
Ko Fujimura NTT DoCoMo
Expires: August 2003 NTT Expires: August 2004 Ko Fujimura
NTT
Voucher Trading System Application Programming Interface (VTS-API) Voucher Trading System Application Programming Interface (VTS-API)
<draft-ietf-trade-voucher-vtsapi-05.txt> <draft-ietf-trade-voucher-vtsapi-06.txt>
Status of This Document Status of This Document
This document is an Internet-Draft and is in full conformance with This document is an Internet-Draft and is in full conformance with
all provisions of Section 10 of RFC2026. all provisions of Section 10 of RFC2026.
Internet-Drafts are working documents of the Internet Engineering Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF), its areas, and its working groups. Note that Task Force (IETF), its areas, and its working groups. Note that
other groups may also distribute working documents as Internet- other groups may also distribute working documents as Internet-
Drafts. Drafts.
skipping to change at page 1, line 43 skipping to change at page 1, line 44
the TRADE working group at <ietf-trade@lists.elistx.com>, which may the TRADE working group at <ietf-trade@lists.elistx.com>, which may
be joined by sending a message with subject "subscribe" to <ietf- be joined by sending a message with subject "subscribe" to <ietf-
trade-request@lists.elistx.com>. trade-request@lists.elistx.com>.
Discussions of the TRADE working group are archived at Discussions of the TRADE working group are archived at
http://lists.elistx.com/archives/ietf-trade. http://lists.elistx.com/archives/ietf-trade.
Abstract Abstract
This document specifies the Voucher Trading System Application This document specifies the Voucher Trading System Application
Programming Interface (VTS-API). The VTS-API allows a wallet or other Programming Interface (VTS-API). The VTS-API allows a wallet or
application to issue, transfer, and redeem vouchers in a uniform other application to issue, transfer, and redeem vouchers in a
manner independent of the VTS implementation. The VTS is a system to uniform manner independent of the VTS implementation. The VTS is a
securely transfer vouchers, e.g., coupons, tickets, loyalty points, system to securely transfer vouchers, e.g., coupons, tickets, loyalty
and gift certificates; this process is often necessary in the course points, and gift certificates; this process is often necessary in the
of payment and/or delivery transactions. course of payment and/or delivery transactions.
Copyright (C) The Internet Society (2003). All Rights Reserved. Copyright (C) The Internet Society (2004). All Rights Reserved.
Acknowledgements Acknowledgements
The following persons, in alphabetic order, contributed substantially The following persons, in alphabetic order, contributed substantially
to the material herein: to the material herein:
Donald Eastlake 3rd Donald Eastlake 3rd
Iguchi Makoto Iguchi Makoto
Yoshitaka Nakamura Yoshitaka Nakamura
Ryuji Shoda Ryuji Shoda
Table of Contents Table of Contents
skipping to change at page 2, line 19 skipping to change at page 2, line 16
Donald Eastlake 3rd Donald Eastlake 3rd
Iguchi Makoto Iguchi Makoto
Yoshitaka Nakamura Yoshitaka Nakamura
Ryuji Shoda Ryuji Shoda
Table of Contents Table of Contents
Status of this Memo . . . . . . . . . . . . . . . . . . . . . . . 1 Status of this Memo . . . . . . . . . . . . . . . . . . . . . . . 1
Abstract . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1 Abstract . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1
Acknowledgements . . . . . . . . . . . . . . . . . . . . . . . . . 2 Acknowledgements . . . . . . . . . . . . . . . . . . . . . . . . . 1
1. Introduction . . . . . . . . . . . . . . . . . . . . . . . 3 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . 3
2. Processing Model . . . . . . . . . . . . . . . . . . . . . 4 2. Processing Model . . . . . . . . . . . . . . . . . . . . . 4
3. Design Overview . . . . . . . . . . . . . . . . . . . . . 5 3. Design Overview . . . . . . . . . . . . . . . . . . . . . 6
4. Concepts . . . . . . . . . . . . . . . . . . . . . . . . . 5 4. Concepts . . . . . . . . . . . . . . . . . . . . . . . . . 6
5. Interface Definitions . . . . . . . . . . . . . . . . . . 7 5. Interface Definitions . . . . . . . . . . . . . . . . . . 7
5.1 VTSManager . . . . . . . . . . . . . . . . . . . . . . . . 7 5.1 VTSManager . . . . . . . . . . . . . . . . . . . . . . . . 8
5.1.1 getParticipantRepository . . . . . . . . . . . . . . . . . 7 5.1.1 getParticipantRepository . . . . . . . . . . . . . . . . . 8
5.1.2 getVoucherComponentRepository . . . . . . . . . . . . . . 7 5.1.2 getVoucherComponentRepository . . . . . . . . . . . . . . 8
5.2 ParticipantRepository . . . . . . . . . . . . . . . . . . 8 5.2 ParticipantRepository . . . . . . . . . . . . . . . . . . 8
5.2.1 lookup . . . . . . . . . . . . . . . . . . . . . . . . . . 8 5.2.1 lookup . . . . . . . . . . . . . . . . . . . . . . . . . . 9
5.3 Participant . . . . . . . . . . . . . . . . . . . . . . . 8 5.3 Participant . . . . . . . . . . . . . . . . . . . . . . . 9
5.3.1 getIdentifier . . . . . . . . . . . . . . . . . . . . . . 8 5.3.1 getIdentifier . . . . . . . . . . . . . . . . . . . . . . 9
5.3.2 getVTSAgent . . . . . . . . . . . . . . . . . . . . . . . 9 5.3.2 getVTSAgent . . . . . . . . . . . . . . . . . . . . . . . 9
5.4 VTSAgent . . . . . . . . . . . . . . . . . . . . . . . . . 9 5.4 VTSAgent . . . . . . . . . . . . . . . . . . . . . . . . . 10
5.4.1 login . . . . . . . . . . . . . . . . . . . . . . . . . . 9 5.4.1 login . . . . . . . . . . . . . . . . . . . . . . . . . . 10
5.4.2 logout . . . . . . . . . . . . . . . . . . . . . . . . . . 10 5.4.2 logout . . . . . . . . . . . . . . . . . . . . . . . . . . 11
5.4.3 prepare . . . . . . . . . . . . . . . . . . . . . . . . . 10 5.4.3 prepare . . . . . . . . . . . . . . . . . . . . . . . . . 11
5.4.4 issue . . . . . . . . . . . . . . . . . . . . . . . . . . 11 5.4.4 issue . . . . . . . . . . . . . . . . . . . . . . . . . . 12
5.4.5 transfer . . . . . . . . . . . . . . . . . . . . . . . . . 12 5.4.5 transfer . . . . . . . . . . . . . . . . . . . . . . . . . 13
5.4.6 consume . . . . . . . . . . . . . . . . . . . . . . . . . 12 5.4.6 consume . . . . . . . . . . . . . . . . . . . . . . . . . 14
5.4.7 present . . . . . . . . . . . . . . . . . . . . . . . . . 13 5.4.7 present . . . . . . . . . . . . . . . . . . . . . . . . . 15
5.4.8 cancel . . . . . . . . . . . . . . . . . . . . . . . . . . 14 5.4.8 cancel . . . . . . . . . . . . . . . . . . . . . . . . . . 15
5.4.9 resume . . . . . . . . . . . . . . . . . . . . . . . . . . 14 5.4.9 resume . . . . . . . . . . . . . . . . . . . . . . . . . . 16
5.4.10 create . . . . . . . . . . . . . . . . . . . . . . . . . . 15 5.4.10 create . . . . . . . . . . . . . . . . . . . . . . . . . . 16
5.4.11 delete . . . . . . . . . . . . . . . . . . . . . . . . . . 15 5.4.11 delete . . . . . . . . . . . . . . . . . . . . . . . . . . 16
5.4.12 getContents . . . . . . . . . . . . . . . . . . . . . . . 15 5.4.12 getContents . . . . . . . . . . . . . . . . . . . . . . . 17
5.4.13 getSessions . . . . . . . . . . . . . . . . . . . . . . . 16 5.4.13 getSessions . . . . . . . . . . . . . . . . . . . . . . . 17
5.4.14 getLog . . . . . . . . . . . . . . . . . . . . . . . . . . 16 5.4.14 getLog . . . . . . . . . . . . . . . . . . . . . . . . . . 18
5.4.15 addReceptionListener . . . . . . . . . . . . . . . . . . . 17 5.4.15 addReceptionListener . . . . . . . . . . . . . . . . . . . 18
5.4.16 removeReceptionListener . . . . . . . . . . . . . . . . . 17 5.4.16 removeReceptionListener . . . . . . . . . . . . . . . . . 18
5.5 Session . . . . . . . . . . . . . . . . . . . . . . . . . 17 5.5 Session . . . . . . . . . . . . . . . . . . . . . . . . . 19
5.5.1 getIdentifier . . . . . . . . . . . . . . . . . . . . . . 18 5.5.1 getIdentifier . . . . . . . . . . . . . . . . . . . . . . 19
5.5.2 getVoucher . . . . . . . . . . . . . . . . . . . . . . . . 18 5.5.2 getVoucher . . . . . . . . . . . . . . . . . . . . . . . . 19
5.5.3 getSender . . . . . . . . . . . . . . . . . . . . . . . . 18 5.5.3 getSender . . . . . . . . . . . . . . . . . . . . . . . . 19
5.5.4 getReceiver . . . . . . . . . . . . . . . . . . . . . . . 18 5.5.4 getReceiver . . . . . . . . . . . . . . . . . . . . . . . 20
5.5.5 isPrepared . . . . . . . . . . . . . . . . . . . . . . . . 18 5.5.5 isPrepared . . . . . . . . . . . . . . . . . . . . . . . . 20
5.5.6 isActivated . . . . . . . . . . . . . . . . . . . . . . . 19 5.5.6 isActivated . . . . . . . . . . . . . . . . . . . . . . . 20
5.5.7 isSuspended . . . . . . . . . . . . . . . . . . . . . . . 19 5.5.7 isSuspended . . . . . . . . . . . . . . . . . . . . . . . 20
5.5.8 isCompleted . . . . . . . . . . . . . . . . . . . . . . . 19 5.5.8 isCompleted . . . . . . . . . . . . . . . . . . . . . . . 20
5.6 Voucher . . . . . . . . . . . . . . . . . . . . . . . . . 19 5.6 Voucher . . . . . . . . . . . . . . . . . . . . . . . . . 21
5.6.1 getIssuer . . . . . . . . . . . . . . . . . . . . . . . . 19 5.6.1 getIssuer . . . . . . . . . . . . . . . . . . . . . . . . 21
5.6.2 getPromise . . . . . . . . . . . . . . . . . . . . . . . 19 5.6.2 getPromise . . . . . . . . . . . . . . . . . . . . . . . 21
5.6.3 getCount . . . . . . . . . . . . . . . . . . . . . . . . . 20 5.6.3 getCount . . . . . . . . . . . . . . . . . . . . . . . . . 21
5.7 VoucherComponentRepository . . . . . . . . . . . . . . . . 20 5.7 VoucherComponentRepository . . . . . . . . . . . . . . . . 21
5.7.1 register . . . . . . . . . . . . . . . . . . . . . . . . . 20 5.7.1 register . . . . . . . . . . . . . . . . . . . . . . . . . 22
5.8 VoucherComponent . . . . . . . . . . . . . . . . . . . . . 21 5.8 VoucherComponent . . . . . . . . . . . . . . . . . . . . . 22
5.8.1 getIdentifier . . . . . . . . . . . . . . . . . . . . . . 21 5.8.1 getIdentifier . . . . . . . . . . . . . . . . . . . . . . 22
5.8.2 getDocument . . . . . . . . . . . . . . . . . . . . . . . 21 5.8.2 getDocument . . . . . . . . . . . . . . . . . . . . . . . 23
5.9 ReceptionListener . . . . . . . . . . . . . . . . . . . . 22 5.9 ReceptionListener . . . . . . . . . . . . . . . . . . . . 23
5.9.1 arrive . . . . . . . . . . . . . . . . . . . . . . . . . . 22 5.9.1 arrive . . . . . . . . . . . . . . . . . . . . . . . . . . 24
5.10 Exceptions . . . . . . . . . . . . . . . . . . . . . . . . 22 5.10 Exceptions . . . . . . . . . . . . . . . . . . . . . . . . 24
6. Example Code . . . . . . . . . . . . . . . . . . . . . . . 23 6. Example Code . . . . . . . . . . . . . . . . . . . . . . . 25
7. Security Considerations . . . . . . . . . . . . . . . . . 25 7. Security Considerations . . . . . . . . . . . . . . . . . 26
8. Normative References . . . . . . . . . . . . . . . . . . . 25 8. Normative References . . . . . . . . . . . . . . . . . . . 27
9. Informative References . . . . . . . . . . . . . . . . . . 25 9. Informative References . . . . . . . . . . . . . . . . . . 27
10. Author's Address . . . . . . . . . . . . . . . . . . . . . 26 10. Author's Address . . . . . . . . . . . . . . . . . . . . . 28
Full Copyright Statement . . . . . . . . . . . . . . . . . . . . . 26 Full Copyright Statement . . . . . . . . . . . . . . . . . . . . . 28
1. Introduction 1. Introduction
This document specifies the Voucher Trading System Application This document specifies the Voucher Trading System Application
Programming Interface (VTS-API). The motivation and background of the Programming Interface (VTS-API). The motivation and background of
Voucher Trading System (VTS) are described in Requirements for the Voucher Trading System (VTS) are described in Requirements for
Generic Voucher Trading [VTS]. Generic Voucher Trading [VTS].
A voucher is a logical entity that represents a certain right and is A voucher is a logical entity that represents a certain right and is
logically managed by the VTS. A voucher is generated by the issuer, logically managed by the VTS. A voucher is generated by the issuer,
traded among users, and finally collected using VTS. The terminology traded among users, and finally collected using VTS. The terminology
and model of the VTS are also described in [VTS]. and model of the VTS are also described in [VTS].
The VTS-API allows a caller application to issue, transfer, and While VTSs can be implemented in different ways such as a centralized
redeem vouchers in a uniform manner independent of the VTS VTS, which uses a centralized online server to store and manage all
implementation. Several attempts have been made at providing a vouchers, or a distributed VTS, which uses per-user smartcards to
generic payment API. Java Commerce Client [JCC] and Generic Payment maintain the vouchers owned by each user, the VTS-API allows a caller
Service Framework [GPSF], for example, introduce a modular wallet application to issue, transfer, and redeem vouchers in a uniform
architecture that permits diverse types of payment modules to be manner independent of the VTS implementation. Several attempts have
added as plug-ins and supports both check-like/cash-like payment been made at providing a generic payment API. Java Commerce Client
models. This document is inspired by these approaches but the scope [JCC] and Generic Payment Service Framework [GPSF], for example,
of this document is limited to the VTS model, in which cash-like introduce a modular wallet architecture that permits diverse types of
payment model is assumed and vouchers are directly or indirectly payment modules to be added as plug-ins and supports both check-
transferred between sender (transferor) and receiver (transferee) via like/cash-like payment models. This document is inspired by these
the VTS. This document is not intended to support API for SET, approaches but the scope of this document is limited to the VTS
e-check or other payment schemes that do not fit the VTS model. model, in which cash-like payment model is assumed and vouchers are
directly or indirectly transferred between sender (transferor) and
receiver (transferee) via the VTS. This document is not intended to
support API for SET, e-check or other payment schemes that do not fit
the VTS model.
Unlike the APIs provided in JCC and GPSF, which are designed to Unlike the APIs provided in JCC and GPSF, which are designed to
transfer only monetary values, this API enables the transfer of a transfer only monetary values, this API enables the transfer of a
wide-range of values through the use of XML-based Generic Voucher wide-range of values through the use of XML-based Generic Voucher
Language [GVL]. The monetary meaning of the voucher is interpreted by Language [GVL]. The monetary meaning of the voucher is interpreted
the upper application layer using the information described in the by the upper application layer using the information described in the
language. This approach makes it possible to provide a simpler API in language. This approach makes it possible to provide a simpler API
the voucher-transfer layer and enhances runtime efficiency. in the voucher-transfer layer and enhances runtime efficiency. The
The API specification in this document is described in the Java API specification in this document is described in the Java language
language syntax. Bindings for other programming languages may be syntax. Bindings for other programming languages may be completed in
completed in a future version of this document or separate related a future version of this document or separate related specifications.
specifications.
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
"SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
this document are to be interpreted as described in [RFC 2119] document are to be interpreted as described in [RFC2119]
2. Processing Model 2. Processing Model
This section provides the processing model in which the VTS-API is This section provides the processing model in which the VTS-API is
used. Most of the text in this section has been taken from the used. A part of the text in this section has been taken from the
Generic Voucher Language specification [GVL]. Generic Voucher Language specification [GVL].
There are several ways of implementing VTS. For discount coupons or There are several ways of implementing VTS. For discount coupons or
event tickets, for example, the smart-card-based decentralized event tickets, for example, a smartcard-based distributed offline VTS
offline VTS is often preferred, whereas for bonds or securities, is often preferred, whereas for bonds or securities, a centralized
the centralized online VTS is preferred. It is impractical to online VTS is preferred. While distributed VTSs would utilize public
(asymmetric) key-based or shared (symmetric) key-based cryptographic
challenge-and-response protocols to trade vouchers securely,
centralized VTSs would utilize transactions that rewrite ownerships
of vouchers upon their database. It is therefore impractical to
define standard protocols for issuing, transferring, or redeeming define standard protocols for issuing, transferring, or redeeming
vouchers at this moment. vouchers at this moment.
To provide implementation flexibility, this document assumes a To provide implementation flexibility, this document assumes a
modular wallet architecture that allows multiple VTS to be added as modular wallet architecture that allows multiple VTS to be added as
plug-ins. In this architecture, instead of specifying a standard plug-ins. In this architecture, instead of specifying a standard
voucher transfer protocol, two specifications, i.e., Voucher voucher transfer protocol, two specifications, i.e., Voucher
Component and VTS-API specifications, are standardized (Figure 1). Component and VTS-API specifications, are standardized (Figure 1).
Sender wallet/Issuing system Receiver wallet/Collecting system Sender wallet/Issuing system Receiver wallet/Collecting system
+---------------------------+ +---------------------------+ +---------------------------+ +---------------------------+
| | | | | | | |
| | Voucher Component | | | | Voucher Component | |
| | (Specifies Issuer, Promise, Holder, and VTS Provider) | | | | (Specifies VTS Provider and Promise) | |
| |-------------------------------------------------------->| | | |-------------------------------------------------------->| |
| | | | | | | | | | | |
| | Intention to receive and payment (option) | | | | Intention to receive and payment (option) | |
| |<- - - - - - - - - - - - - - - - - - - - - - - - - - - - | | | |<- - - - - - - - - - - - - - - - - - - - - - - - - - - - | |
| | | | | | | | | | | |
| | | | | | | | | | | |
| | Issue/transfer/ VTS | | VTS Register | | | | Issue/transfer/ VTS | | VTS Register | |
| | redeem request plug-in | plug-in Listener(*1)| | | | redeem request plug-in | plug-in Listener(*1)| |
| |------------------>| | | |<------------------| | | |------------------>| | | |<------------------| |
| | (VTS API) |<- - - - - - - ->| (VTS API) | | | | (VTS API) |<- - - - - - - ->| (VTS API) | |
skipping to change at page 5, line 5 skipping to change at page 5, line 29
| | (VTS API) |<- - - - - - - ->| (VTS API) | | | | (VTS API) |<- - - - - - - ->| (VTS API) | |
| | | VTS-specific | | | | | | VTS-specific | | |
| | | protocol if VTS | | | | | | protocol if VTS | | |
| | | is distributed | | | | | | is distributed | | |
| | Result |<- - - - - - - ->| Notify(*2) | | | | Result |<- - - - - - - ->| Notify(*2) | |
| |<------------------| | | |------------------>| | | |<------------------| | | |------------------>| |
+---------------------------+ +---------------------------+ +---------------------------+ +---------------------------+
(*1) Registration is optional. Note also that the VTS plug-ins are (*1) Registration is optional. Note also that the VTS plug-ins are
usually pre-registered when the wallet or collecting system usually pre-registered when the wallet or collecting system
is started. is started.
(*2) If a listener is registered. (*2) If a listener is registered.
Figure 1. Wallet architecture with VTS plug-ins Figure 1. Wallet architecture with VTS plug-ins
After sender and receiver agree on what vouchers are to be traded and In this architecture, a VTS provides a logical view of vouchers
which VTS is to be used, the issuing system or wallet system requests called Valid Voucher Set (VVS), which is a set that includes the
the corresponding VTS plug-in to permit the issue, transfer, or vouchers <I,P,H> managed by the VTS [VTS]. A user's wallet can
redeem transactions to be performed via the VTS-API. The VTS then access (e.g. view, transfer and redeem) the subset of VVS that
rewrites the ownership of the vouchers using the VTS-specific includes a set of vouchers owned by the user, by interacting with the
protocol. Finally, a completion event is sent to the wallet systems VTS plug-in via the VTS-API. Likewise, an issuing system can issue a
or issuing/collecting systems. voucher and add it to the VVS and a collecting system can be notified
of the redemption of vouchers via the VTS-API.
After a sender and a receiver agree on what vouchers are to be traded
and which VTS is to be used, the issuing system or wallet system
requests the corresponding VTS plug-in to permit the issue, transfer,
or redeem transactions to be performed via the VTS-API. The VTS then
logically rewrites the ownership of the vouchers on the VVS using the
VTS-specific protocol. Since the VTS is responsible for preventing
illegal acts on vouchers like forgery or reproduction as required in
[VTS], the protocol would include a cryptographic challenge-and-
response (in a distributed VTS) or a transactional database manipula-
tion with adequate access controls (in a centralized VTS). Finally,
a completion event is sent to the wallet systems or issuing/collect-
ing systems.
This document describes the VTS-API specification. See [GVL] for the This document describes the VTS-API specification. See [GVL] for the
Voucher Component specification. Voucher Component specification that gives the syntax and semantics
for describing and interpreting meaning of vouchers.
3. Design Overview 3. Design Overview
We have adopted the following approach to specify the VTS-API. We have adopted the following approach to specify the VTS-API.
1) Provide an abstract and uniform API that encapsulates the VTS 1) Provide an abstract and uniform API that encapsulates the VTS
implementation. For example, a common API is provided for both implementation. For example, a common API is provided for
centralized and decentralized VTS. It brings more freedom of VTS both centralized and distributed VTS. It brings more freedom
selection for issuers and application developers. of VTS selection for issuers and application developers.
2) To provide an abstract and uniform API, this document introduces 2) To provide an abstract and uniform API, this document intro-
an interface called VTSAgent that is associated with a holder and duces an interface called VTSAgent that is associated with a
provides methods to manipulate vouchers held by its holder. holder and provides methods to manipulate vouchers held by its
Vouchers are accessed through the methods provided by the holder. Vouchers are accessed through the methods provided by
VTSAgent. the VTSAgent.
3) Use existing standards for the VTS branding mechanism 3) Use existing standards for the VTS branding mechanism (negoti-
(negotiation). This document assumes that the VTS to be used for ation). This document assumes that the VTS to be used for
sending a voucher has settled before calling the VTS-APIs. sending a voucher has settled before calling the VTS-APIs.
Negotiation can be done within the upper application layer using Negotiation can be done within the upper application layer
other standards, e.g., [IOTP] or [ECML], if necessary. using other standards, e.g., [IOTP] or [ECML], if necessary.
4) Support only push-type voucher transfer interface in which voucher 4) Support only push-type voucher transfer interface in which
transfer session is initiated by the transferor side. Pull-type voucher transfer session is initiated by the transferor side.
voucher transfer interface can be implemented on top of the Pull-type voucher transfer interface can be implemented on top
push-type VTS interface at application level. of the push-type VTS interface at application level.
4. Concepts 4. Concepts
The VTS-API consists of the following interfaces. A VTS is required The VTS-API consists of the following interfaces. A VTS is required
to implement all of the interfaces except ReceptionLister, which is to implement all of the interfaces except ReceptionListener, which is
intended to be implemented by wallets or other applications that intended to be implemented by wallets or other applications that use
use VTS. VTS.
VTSManager VTSManager
Provides the starting point to use a VTS plug-in. All of the Provides the starting point to use a VTS plug-in. All of the
objects needed to manipulate vouchers can be directly or indirectly objects needed to manipulate vouchers can be directly or indi-
acquired via the VTSManager. A VTSManager maintains the two rectly acquired via the VTSManager. A VTSManager maintains
repositories; a ParticipantRepository and a the two repositories; a ParticipantRepository and a Voucher-
VoucherComponentRepository described below. ComponentRepository described below.
ParticipantRepository ParticipantRepository
Provides the access points of Participants, which are to be
Provides the access points of Participants, which are to be trading trading partners. A ParticipantRepository maintains Partici-
partners. A ParticipantRepository maintains Participants and acts as pants and acts as an "address book" of trading partners.
an "address book" of trading partners.
Participant Participant
Represents a participant (such as issuers, holders, and Represents a participant (such as issuers, holders, and
collectors). A Participant knows how to obtain the corresponding collectors). A Participant knows how to obtain the corre-
VTSAgent described below. sponding VTSAgent described below.
VTSAgent (extends Participant) VTSAgent (extends Participant)
Provides the access point of vouchers in Valid Voucher Set
Provides the access point of vouchers in Valid Voucher Set (VVS) (VVS) that is logically managed by VTS. A VTSAgent provides a
that is logically managed by VTS. A VTSAgent provides a means of means of manipulating vouchers held by its holder; basic trad-
manipulating vouchers held by its holder; basic trading methods, ing methods, i.e., issue, transfer, consume, and present.
i.e., issue, transfer, consume, and present. Before calling trading Before calling trading methods, the application must create a
methods, the application must create a Session which is described Session which is described below.
below.
Session Session
Represents the logical connection established by the trade. A Represents the logical connection established by the trade. A
Session has references to two Participants, i.e., the sender and the Session has references to two Participants, i.e., the sender
receiver. After trading methods are called using a Session, the and the receiver. After trading methods are called using a
Session holds a reference to the Vouchers to be traded. Session, the Session holds a reference to the Vouchers to be
traded.
Voucher Voucher
Represents one or more vouchers of which all of the issuer
Represents one or more vouchers of which all of the issuer part and part and promise part of vouchers are the same. A Voucher
promise part of vouchers are the same. A Voucher holds references to holds references to the Participant (issuer) who issued the
the Participant (issuer) who issued the voucher and a voucher and a VoucherComponent (promise) which is described
VoucherComponent (promise) which is described below. below.
VoucherComponent VoucherComponent
Represents a Voucher Component described in [GVL]. It defines
Represents a Voucher Component described in [GVL]. It defines the the promise part of the voucher.
promise part of the voucher.
VoucherComponentRepository VoucherComponentRepository
Provides the access points of VoucherComponents. A Voucher-
Provides the access points of VoucherComponents. A ComponentRepository maintains VoucherComponents and acts as a
VoucherComponentRepository maintains VoucherComponents and acts as a "voucher type book" managed by the VTS. This document assumes
"voucher type book" managed by the VTS. This document assumes that a that a set of VoucherComponents has been acquired and stored
set of VoucherComponents has been acquired and stored in this in this repository. Delivery of VoucherComponents is beyond
repository. Delivery of VoucherComponents is beyond the scope of this the scope of this document. It may be delivered within the
document. It may be delivered within the VTS from the trading VTS from the trading partners or manually acquired from a
partners or manually acquired from a trusted third party (See Section trusted third party (See Section 3 of [GVL]).
3 of [GVL]).
ReceptionListener ReceptionListener
Provides a listener function with regard to the receipt of a
Provides a listener function with regard to the receipt of a voucher voucher by VTSAgent to wallets or other applications that
by VTSAgent to wallets or other applications that implement this implement this interface. (This interface may not be imple-
interface. (This interface may not be implemented as part of VTS) mented as part of VTS)
5. Interface Definitions 5. Interface Definitions
The interfaces defined in this document reside in the package named The interfaces defined in this document reside in the package named
"org.ietf.vts". Wallets or other applications that use this "org.ietf.vts". Wallets or other applications that use this
API,should import this package as "import org.ietf.vts.*;". API,should import this package as "import org.ietf.vts.*;".
5.1 VTSManager 5.1 VTSManager
public interface VTSManager public interface VTSManager
Provides the starting point to use a VTS plug-in. Provides the starting point to use a VTS plug-in.
All of the objects needed to manipulate vouchers can be directly or All of the objects needed to manipulate vouchers can be directly or
indirectly acquired via a VTSManager, so that wallets or other indirectly acquired via a VTSManager, so that wallets or other
applications can make the VTS available by instantiating an object applications can make the VTS available by instantiating an object
implementing this interface. implementing this interface.
A class that implements the VTSManager interface must have a public A class that implements the VTSManager interface must have a public
default constructor (a constructor without any parameters). The VTS default constructor (a constructor without any parameters). The
provides a name for such constructor so that the implementation class VTS provides a name for such constructor so that the implementation
can bootstrap the interface. class can bootstrap the interface.
5.1.1 getParticipantRepository 5.1.1 getParticipantRepository
public ParticipantRepository getParticipantRepository() public ParticipantRepository getParticipantRepository()
Returns a repository that maintains Participants. Returns a repository that maintains Participants.
Returns: Returns:
the ParticipantRepository of the VTS, or null if no the ParticipantRepository of the VTS, or null if no
skipping to change at page 8, line 17 skipping to change at page 9, line 5
public interface ParticipantRepository public interface ParticipantRepository
Provides the access points of Participants. A ParticipantRepository Provides the access points of Participants. A ParticipantRepository
maintains Participants and acts as an "address book" of trading maintains Participants and acts as an "address book" of trading
partners. partners.
The object implementing this interface maintains Participants (or The object implementing this interface maintains Participants (or
holds a reference to an object maintaining Participants), which are holds a reference to an object maintaining Participants), which are
to be trading partners. to be trading partners.
The implementation of ParticipantRepository may be either (an adaptor The implementation of ParticipantRepository may be either (an
to) "yellow pages" which is a network-wide directory service like adaptor to) "yellow pages" which is a network-wide directory
LDAP, or "pocket address book" which maintains only personal service like LDAP, or "pocket address book" which maintains only
acquaintances. personal acquaintances.
5.2.1 lookup 5.2.1 lookup
public Participant lookup(String id) public Participant lookup(String id)
Retrieves the participant that has the specified id. Retrieves the participant that has the specified id.
Returns: Returns:
the participant associated with the specified id or null if the id the participant associated with the specified id or null if the id
skipping to change at page 9, line 11 skipping to change at page 9, line 52
The format of the identifier is implementation-specific. The format of the identifier is implementation-specific.
Returns: Returns:
the identifier string of the participant. the identifier string of the participant.
5.3.2 getVTSAgent 5.3.2 getVTSAgent
VTSAgent getVTSAgent() VTSAgent getVTSAgent()
Returns a VTSAgent, whose identifier is the same as the identifier of Returns a VTSAgent, whose identifier is the same as the identifier
the participant. of the participant.
Returns: Returns:
an object implementing VTSAgent. an object implementing VTSAgent.
5.4 VTSAgent 5.4 VTSAgent
public interface VTSAgent extends Participant public interface VTSAgent extends Participant
Represents contact points to access vouchers in Valid Voucher Set Represents contact points to access vouchers in Valid Voucher Set
(VVS) that is managed by the VTS. (VVS) that is managed by the VTS.
Each VTSAgent is associated with a holder and provides a means for Each VTSAgent is associated with a holder and provides a means for
managing vouchers owned by the holder. The holder must be managing vouchers owned by the holder. The holder must be
authenticated using the login() method before being called by any authenticated using the login() method before being called by any
other method, or VTSSecurityException will be issue. other method, or VTSSecurityException will be issue.
Before calling any trading method, i.e., issue(), transfer(), Before calling any trading method, i.e., issue(), transfer(),
consume(), and present(), the application must establish a session by consume(), and present(), the application must establish a session
the prepare() method. by the prepare() method.
Sessions may often be suspended due to network failure when the Sessions may often be suspended due to network failure when the
voucher is sent via a network. The suspended sessions can be voucher is sent via a network. The suspended sessions can be
restarted by the resume() method. Details on the state management of restarted by the resume() method. Details on the state management
a session are described in Section 5.5. of a session are described in Section 5.5.
Some VTSAgents may not have all of the trading methods; a voucher Some VTSAgents may not have all of the trading methods; a voucher
collecting system doesn't require its VTSAgent to provide method for collecting system doesn't require its VTSAgent to provide method
issuing or creating vouchers. A VTSAgent returns for issuing or creating vouchers. A VTSAgent returns
FeatureNotAvailableException when an unsupported method is invoked. FeatureNotAvailableException when an unsupported method is invoked.
5.4.1 login 5.4.1 login
public void login(String passphrase) public void login(String passphrase)
throws VTSException throws VTSException
Authenticates the VTSAgent. The passphrase is specified if the VTS Authenticates the VTSAgent. The passphrase is specified if the VTS
requires it for authentication, otherwise it must be null. Nothing is requires it for authentication, otherwise it must be null. Nothing
performed if the VTSAgent has already been logged-in. The is performed if the VTSAgent has already been logged-in. The
authentication scheme is implementation-specific. Examples of the authentication scheme is implementation-specific. Examples of the
implementation are as follows: implementation are as follows:
1) Vouchers are managed on a remote centralized server (central VVS), 1) Vouchers are managed on a remote centralized server (centralized
and the server requires a password to login. In this case, the VTS), which requires a password to login. In this case, the
application may prompt the user to input the password and can be application may prompt the user to input the password and can be
given to the VTSAgent through this method. given to the VTSAgent through this method. See Implementation
Notes below.
2) Vouchers are managed on a remote centralized server (central VVS); 2) Vouchers are managed on a remote centralized server (centralized
they require challenge-and-response authentication using VTS), which requires challenge-and-response authentication using
smartcards held by users. In this case, the passphrase may be null smartcards held by users. In this case, the passphrase may be
since access to the smartcard can be done without contacting the null since access to the smartcard can be done without
application or user, i.e., the VTSAgent receives the challenge contacting the application or user, i.e., the VTSAgent receives
from the server, sends the challenge to the smartcard (within the the challenge from the server, sends the challenge to the
VTS), and returns the response from the smartcard to the server. smartcard (within the VTS), and returns the response from the
Note that a PIN to unlock the smartcard may be given through this smartcard to the server. Note that a PIN to unlock the
method depending on the implementation. smartcard may be given through this method depending on the
implementation.
3) Each user holds their own smartcard in which their own vouchers 3) Each user holds their own smartcard in which their own vouchers
are stored (decentralized VVS). In this case, the passphrase may are stored (distributed VTS). In this case, the passphrase may
be null since no authentication is required. Note that a PIN to be null since no authentication is required. Note that a PIN to
unlock the smartcard may be given through this depends on the unlock the smartcard may be given through this depends on the
implementation. implementation.
Implementation Notes:
A VTS is responsible for providing secure ways for users to
login(); it is strongly recommended to utilize secure
communication channels such as [TLS] if secret or privacy
information is sent via networks. Fake server attacks including
so-called MITM (man-in-the-middle) must be considered as well.
Throws: Throws:
VTSSecurityException - if authentication fails. VTSSecurityException - if authentication fails.
5.4.2 logout 5.4.2 logout
public void logout() public void logout()
throws VTSException throws VTSException
Voids the authentication performed by the login() method. Voids the authentication performed by the login() method.
skipping to change at page 10, line 53 skipping to change at page 11, line 54
5.4.3 prepare 5.4.3 prepare
public Session prepare(Participant receiver) public Session prepare(Participant receiver)
throws VTSException throws VTSException
Establishes a session that is required for trading vouchers. The Establishes a session that is required for trading vouchers. The
trading partner who receives the vouchers is specified as receiver. trading partner who receives the vouchers is specified as receiver.
The vouchers to be traded will be specified later (when a trading The vouchers to be traded will be specified later (when a trading
method is called). method is called).
The establishment of a session is implementation-specific. An The establishment of a session is implementation-specific. A
implementation that has a central VVS may start a transaction, while centralized VTS implementation may start a transaction, while a
other implementations that have decentralized VVS may get, from the distributed VTS implementation may get, from the receiver, the
receiver, the challenge needed to authenticate the sender during the challenge needed to create an authentic response in the
establishment of the session. following trading method.
If the VTSAgent has no ability to establish a session with the If the VTSAgent has no ability to establish a session with the
specified receiver (permanent error), the VTSAgent throws an specified receiver (permanent error), the VTSAgent throws an
InvalidParticipantExeption. If the VTSAgent can not establish a InvalidParticipantExeption. If the VTSAgent can not establish a
session due to network failure (transient error), the VTSAgent throws session due to network failure (transient error), the VTSAgent
a CannotProceedException. throws a CannotProceedException.
Parameters: Parameters:
receiver - the trading partner who receives vouchers. receiver - the trading partner who receives vouchers.
Returns: Returns:
an established session whose state is "prepared" (see Section 5.5). an established session whose state is "prepared" (see Section 5.5).
Throws: Throws:
skipping to change at page 11, line 39 skipping to change at page 12, line 42
correctly. correctly.
5.4.4 issue 5.4.4 issue
public void issue(Session session, public void issue(Session session,
VoucherComponent promise, VoucherComponent promise,
java.lang.Number num) java.lang.Number num)
throws VTSException throws VTSException
Issues vouchers. This method creates the specified number of Issues vouchers. This method creates the specified number of
vouchers <this, promise, receiver> and adds them to the VVS. Note vouchers <this, promise, receiver> and adds them to the VVS. If
that receiver is specified when the prepare() method is the VTS is distributed, this method would create a "response"
called. Nothing is performed if the specified number is 0. corresponding to the challenge received in the prepare() method and
send it to the receiver. Note that the receiver is specified when
prepare() is called. Nothing is performed if the specified
number is 0.
The session MUST be "prepared" when calling this method. The state The session MUST be "prepared" when calling this method. The state
of the session will be "activated" when the vouchers are created, and of the session will be "activated" when the vouchers are created, and
it will be "completed" when the transaction is successfully completed it will be "completed" when the transaction is successfully completed
or "suspended" if the transaction is interrupted abnormally (e.g., or "suspended" if the transaction is interrupted abnormally (e.g.,
network failures). network failures).
Parameters: Parameters:
session - the session used by the issue transaction. session - the session used by the issue transaction.
skipping to change at page 12, line 23 skipping to change at page 13, line 31
5.4.5 transfer 5.4.5 transfer
public void transfer(Session session, public void transfer(Session session,
Participant issuer, Participant issuer,
VoucherComponent promise, VoucherComponent promise,
java.lang.Number num) java.lang.Number num)
throws VTSException throws VTSException
Transfers vouchers. This method rewrites the specified number of Transfers vouchers. This method rewrites the specified number of
vouchers <issuer, promise, this> to <issuer, promise, receiver> in vouchers <issuer, promise, this> to <issuer, promise, receiver> in
the VVS. Note that receiver is specified when the prepare() method is the VVS; i.e. deletes the vouchers from the sender and stores them
called. The VTSAgent must have sufficient vouchers in the VVS. for the receiver. Similar to issue(), this method would create
Nothing is performed if the specified number is 0. and send the response to the receiver if the VTS is distributed.
The VTSAgent must have sufficient vouchers in the VVS. Nothing is
performed if the specified number is 0.
The session MUST be "prepared" when calling this method. The state The session MUST be "prepared" when calling this method. The state
of the session will be "activated" when the voucher are retrieved of the session will be "activated" when the voucher are retrieved
from the sender, and it will be "completed" when the transaction is from the sender, and it will be "completed" when the transaction is
successfully completed or "suspended" if the transaction is successfully completed or "suspended" if the transaction is
interrupted abnormally (e.g., network failures). interrupted abnormally (e.g., network failures).
If null is specified for the issuer parameter, it indicates "any If null is specified for the issuer parameter, it indicates "any
issuer". This method selects vouchers to be transferred from the set issuer". This method selects vouchers to be transferred from the set
of vouchers returned by the getContents(null, promise). of vouchers returned by the getContents(null, promise).
skipping to change at page 13, line 4 skipping to change at page 14, line 16
completed. completed.
FeatureNotAvailableException - if the VTSAgent does not provide FeatureNotAvailableException - if the VTSAgent does not provide
a means of transferring vouchers. a means of transferring vouchers.
InsufficientVoucherException - if the VTSAgent doesn't have a InsufficientVoucherException - if the VTSAgent doesn't have a
sufficient number of vouchers to transfer. sufficient number of vouchers to transfer.
InvalidStateException - if the session is not "prepared". InvalidStateException - if the session is not "prepared".
VTSSecurityException - if the VTSAgent cannot be authenticated VTSSecurityException - if the VTSAgent cannot be authenticated
correctly. correctly.
5.4.6 consume 5.4.6 consume
public void consume(Session session, public void consume(Session session,
Participant issuer, Participant issuer,
VoucherComponent promise, VoucherComponent promise,
java.lang.Number num) java.lang.Number num)
throws VTSException throws VTSException
Consumes vouchers. This method deletes the specified number of Consumes vouchers. This method deletes the specified number of
specified vouchers <issuer, promise, this> from the VVS. The VTSAgent vouchers <issuer, promise, this> from the VVS and notifies the
must have sufficient vouchers in the VVS. Nothing is performed if deletion to the receiver. Similar to issue() and transfer(), the
the specified number is 0. response would be created and sent to the receiver if the VTS is
distributed so that the receiver can obtain proof of the deletion.
The VTSAgent must have a sufficient number of vouchers in the VVS.
Nothing is performed if the specified number is 0.
The session MUST be "prepared" when calling this method. The state The session MUST be "prepared" when calling this method. The state
of the session will be "activated" when the vouchers are deleted, and of the session will be "activated" when the vouchers are deleted,
it will be "completed" when the transaction is successfully completed and it will be "completed" when the transaction is successfully
or "suspended" if the transaction is interrupted abnormally (e.g., completed or "suspended" if the transaction is interrupted
network failures). abnormally (e.g., network failures).
If null is specified for the issuer parameter, it indicates "any If null is specified for the issuer parameter, it indicates "any
issuer". This method selects vouchers to be consumed from the set of issuer". This method selects vouchers to be consumed from the set
vouchers returned by the getContents(null, promise). of vouchers returned by the getContents(null, promise).
Parameters: Parameters:
session - the session used by the consume transaction. session - the session used by the consume transaction.
issuer - the issuer part of the voucher, or null. issuer - the issuer part of the voucher, or null.
promise - the promise part of the voucher. promise - the promise part of the voucher.
num - the number of vouchers to be consumed. num - the number of vouchers to be consumed.
Throws: Throws:
skipping to change at page 13, line 55 skipping to change at page 15, line 20
public void present(Session session, public void present(Session session,
Participant issuer, Participant issuer,
VoucherComponent promise, VoucherComponent promise,
java.lang.Number num) java.lang.Number num)
throws VTSException throws VTSException
Presents vouchers. This method shows that the sender has the Presents vouchers. This method shows that the sender has the
specified number of vouchers <issuer, promise, this> in the VVS to specified number of vouchers <issuer, promise, this> in the VVS to
the receiver of the session; No modification is performed to the the receiver of the session; No modification is performed to the
VVS. The VTSAgent must have a sufficient vouchers in the VVS. Nothing VVS. However, the response would be sent in order to give the
is performed if the specified number is 0. proof to the receiver as well as consume() if the VTS is
distributed. The VTSAgent must have a sufficient number of
vouchers in the VVS. Nothing is performed if the specified number
is 0.
The session MUST be "prepared" when calling this method. The state The session MUST be "prepared" when calling this method. The state
of the session will be "activated" when the vouchers are retrieved, of the session will be "activated" when the vouchers are retrieved,
and it will be "completed" when the transaction is successfully and it will be "completed" when the transaction is successfully
completed or "suspended" if the transaction is interrupted abnormally completed or "suspended" if the transaction is interrupted
(e.g., by network failures). abnormally (e.g., by network failures).
If null is specified for the issuer parameter, it indicates "any If null is specified for the issuer parameter, it indicates "any
issuer". This method selects vouchers to be presented from the set issuer". This method selects vouchers to be presented from the set
of vouchers returned by the getContents(null, promise). of vouchers returned by the getContents(null, promise).
Parameters: Parameters:
session - the session used by the present transaction. session - the session used by the present transaction.
issuer - the issuer part of the voucher, or null. issuer - the issuer part of the voucher, or null.
promise - the promise part of the voucher. promise - the promise part of the voucher.
skipping to change at page 14, line 35 skipping to change at page 16, line 4
completed. completed.
InsufficientVoucherException - if the VTSAgent doesn't have a InsufficientVoucherException - if the VTSAgent doesn't have a
sufficient number of vouchers to present. sufficient number of vouchers to present.
InvalidStateException - if the session is not "prepared". InvalidStateException - if the session is not "prepared".
FeatureNotAvailableException - if the VTSAgent does not provide FeatureNotAvailableException - if the VTSAgent does not provide
a means of presenting vouchers. a means of presenting vouchers.
VTSSecurityException - if the VTSAgent cannot be authenticated VTSSecurityException - if the VTSAgent cannot be authenticated
correctly. correctly.
5.4.8 cancel 5.4.8 cancel
public void cancel(Session session) public void cancel(Session session)
throws VTSException throws VTSException
Releases the session. "Prepared" sessions MUST be canceled. An Releases the session. "Prepared" sessions MUST be canceled. An
implementation MAY be permitted to cancel "activated" or "suspended" implementation MAY be permitted to cancel "activated" or
sessions. "suspended" sessions.
Throws: Throws:
InvalidStateException - if the state of the session isn't InvalidStateException - if the state of the session isn't
cancelable. cancelable.
VTSSecurityException - if the VTSAgent cannot be authenticated VTSSecurityException - if the VTSAgent cannot be authenticated
correctly. correctly.
5.4.9 resume 5.4.9 resume
skipping to change at page 15, line 4 skipping to change at page 16, line 24
cancelable. cancelable.
VTSSecurityException - if the VTSAgent cannot be authenticated VTSSecurityException - if the VTSAgent cannot be authenticated
correctly. correctly.
5.4.9 resume 5.4.9 resume
public void resume(Session session) public void resume(Session session)
throws VTSException throws VTSException
Restarts the session. Only "suspended" sessions can be resumed. Restarts the session. Only "suspended" sessions can be resumed.
The state of the session will be re-"activated" immediately, and it The state of the session will be re-"activated" immediately, and it
will be "completed" when the transaction is successfully completed or will be "completed" when the transaction is successfully completed
"suspended" again if the transaction is interrupted abnormally (e.g., or "suspended" again if the transaction is interrupted abnormally
network failures). (e.g., network failures).
Throws: Throws:
CannotProceedException - if the transaction cannot be successfully CannotProceedException - if the transaction cannot be successfully
completed. completed.
InvalidStateException - if the session is not "suspended". InvalidStateException - if the session is not "suspended".
VTSSecurityException - if the VTSAgent cannot be authenticated VTSSecurityException - if the VTSAgent cannot be authenticated
correctly. correctly.
5.4.10 create 5.4.10 create
skipping to change at page 15, line 36 skipping to change at page 17, line 4
specified number is 0. specified number is 0.
Throws: Throws:
FeatureNotAvailableException - if the VTSAgent does not provide FeatureNotAvailableException - if the VTSAgent does not provide
a means of creating vouchers. a means of creating vouchers.
VTSSecurityException - if the VTSAgent cannot be authenticated VTSSecurityException - if the VTSAgent cannot be authenticated
correctly. correctly.
5.4.11 delete 5.4.11 delete
public void delete(Participant issuer, VoucherComponent
public void delete(Participant issuer, promise, java.lang.Number num)
VoucherComponent promise,
java.lang.Number num)
throws VTSException throws VTSException
Deletes vouchers. This method deletes the specified number of Deletes vouchers. This method deletes the specified number of
vouchers <issuer, promise, this> from the VVS. The VTSAgent must vouchers <issuer, promise, this> from the VVS. The VTSAgent must
have sufficient vouchers in the VVS. Nothing is performed if the have sufficient vouchers in the VVS. Nothing is performed if the
specified number is 0. specified number is 0.
Throws: Throws:
InsufficientVoucherException - if the VTSAgent doesn't have InsufficientVoucherException - if the VTSAgent doesn't have
skipping to change at page 16, line 11 skipping to change at page 17, line 31
public java.util.Set getContents(Participant issuer, public java.util.Set getContents(Participant issuer,
VoucherComponent promise) VoucherComponent promise)
throws VTSException throws VTSException
Returns the set of vouchers whose issuer and promise both match the Returns the set of vouchers whose issuer and promise both match the
issuer and promise specified in the parameters. issuer and promise specified in the parameters.
If null is specified for the issuer or promise parameter, it If null is specified for the issuer or promise parameter, it
indicates "any issuer" or "any promise", respectively. If null is indicates "any issuer" or "any promise", respectively. If null is
specified for both parameters, this method selects all vouchers owned specified for both parameters, this method selects all vouchers
by the holder from the VVS. owned by the holder from the VVS.
Returns: Returns:
the set of vouchers held by the holder of the VTSAgent. the set of vouchers held by the holder of the VTSAgent.
Throws: Throws:
VTSSecurityException - if the VTSAgent cannot be authenticated VTSSecurityException - if the VTSAgent cannot be authenticated
correctly. correctly.
skipping to change at page 17, line 42 skipping to change at page 19, line 12
Throws: Throws:
VTSSecurityException - if the VTSAgent cannot be authenticated VTSSecurityException - if the VTSAgent cannot be authenticated
correctly. correctly.
5.5 Session 5.5 Session
public interface Session public interface Session
Represents the logical connection established by the trade. Sessions Represents the logical connection established by the trade.
are established by VTSAgent#prepare(). Sessions are established by VTSAgent#prepare().
A session has four states: prepared, activated, suspended, and A session has four states: prepared, activated, suspended, and
completed. The initial state of a session is "prepared", and the completed. The initial state of a session is "prepared", and the
session will be "activated" immediately when any of the trading session will be "activated" immediately when any of the trading
methods of VTSAgent is called. The "activated" session will be methods of VTSAgent is called. The "activated" session will be
"completed" after the trading method is successfully completed. If "completed" after the trading method is successfully completed. If
the trading method is transiently failed (e.g. network failure), the the trading method is transiently failed (e.g. network failure),
session will be "suspended". Suspended sessions can be re-"activated" the session will be "suspended". Suspended sessions can be
and restarted by calling VTSAgent#resume(). re-"activated" and restarted by calling VTSAgent#resume().
A completed session may disappear from the VTSAgent; the session A completed session may disappear from the VTSAgent; the session
will be collected by the GC unless other objects keep its reference. will be collected by the GC unless other objects keep its
reference.
5.5.1 getIdentifier 5.5.1 getIdentifier
public String getIdentifier() public String getIdentifier()
Returns the identifier of the session. The generation scheme of the Returns the identifier of the session. The generation scheme of
identifier is implementation-specific. An implementation may use a the identifier is implementation-specific. An implementation may
transaction ID as the identifier of the session. use a transaction ID as the identifier of the session.
Returns: Returns:
the string of the identifier of the session. the string of the identifier of the session.
5.5.2 getVoucher 5.5.2 getVoucher
public Voucher getVoucher() public Voucher getVoucher()
Returns the voucher to be traded using the session, or returns null Returns the voucher to be traded using the session, or returns null
if the session has not been activated. if the session has not been activated.
Returns: Returns:
the voucher to be traded or null if the state of the session is the voucher to be traded or null if the state of the session is
"prepared". "prepared".
5.5.3 getSender 5.5.3 getSender
public Participant getSender() public Participant getSender()
Returns the sender of the session, i.e., the creator who prepared
Returns the sender of the session, i.e., the creator who prepared the the session.
session.
Returns: Returns:
the sender of the session. the sender of the session.
5.5.4 getReceiver 5.5.4 getReceiver
public Participant getReceiver() public Participant getReceiver()
Returns the receiver of the session, i.e., the participant specified Returns the receiver of the session, i.e., the participant
when preparing the session (by the VTSAgent#prepare() method). specified when preparing the session (by the VTSAgent#prepare()
method).
Returns: Returns:
the receiver of the session. the receiver of the session.
5.5.5 isPrepared 5.5.5 isPrepared
public boolean isPrepared() public boolean isPrepared()
Verifies if the session is "prepared". Verifies if the session is "prepared".
skipping to change at page 20, line 28 skipping to change at page 22, line 5
Returns: Returns:
the positive (>0) number of the voucher(s). the positive (>0) number of the voucher(s).
5.7 VoucherComponentRepository 5.7 VoucherComponentRepository
public interface VoucherComponentRepository public interface VoucherComponentRepository
Maintains VoucherComponents. Maintains VoucherComponents.
An object implementing VoucherComponentRepository provides a means of An object implementing VoucherComponentRepository provides a means
retrieving the voucher components that are the promises of vouchers of retrieving the voucher components that are the promises of
in the VVS. vouchers in the VVS.
Before issuing a voucher, the promise of the voucher must be Before issuing a voucher, the promise of the voucher must be
registered with this repository. The repository can be implemented registered with this repository. The repository can be implemented
as either a network-wide directory service or personal storage like as either a network-wide directory service or personal storage like
the ParticipantRepository. the ParticipantRepository.
5.7.1 register 5.7.1 register
public VoucherComponent register(org.w3c.dom.Document document) public VoucherComponent register(org.w3c.dom.Document document)
Creates a voucher component associated with the specified DOM object Creates a voucher component associated with the specified DOM
and registers the voucher component with the repository. object and registers the voucher component with the repository.
A voucher component of the voucher to be issued must be registered A voucher component of the voucher to be issued must be registered
using this method. using this method.
Nothing is performed (and the method returns null) if the specified Nothing is performed (and the method returns null) if the specified
document is null or the syntax of the document does not conform to document is null or the syntax of the document does not conform to
the VTS. the VTS.
The method returns the registered voucher component if the specified The method returns the registered voucher component if the
DOM object has been already registered. (No new voucher component is specified DOM object has been already registered. (No new voucher
created in this case). component is created in this case).
Returns: Returns:
a registered voucher component associated with the a registered voucher component associated with the specified
specified document, or null if the document is null or has wrong document, or null if the document is null or has wrong syntax.
syntax.
5.8 VoucherComponent 5.8 VoucherComponent
public interface VoucherComponent public interface VoucherComponent
Represents the voucher component that defines the promise of the Represents the voucher component that defines the promise of the
voucher. voucher.
Each VoucherComponent object has its own unique identifier, and it is Each VoucherComponent object has its own unique identifier, and it
associated with an XML document that describes the promise made by is associated with an XML document that describes the promise made
the issuer of the voucher, e.g., the goods or services can be claimed by the issuer of the voucher, e.g., the goods or services can be
in exchange for redeeming the voucher. claimed in exchange for redeeming the voucher.
This interface can be implemented as sort of a "smart pointer" to the This interface can be implemented as sort of a "smart pointer" to
XML document. An implementation may have a reference to a voucher the XML document. An implementation may have a reference to a
component repository instead of the voucher component and retrieve voucher component repository instead of the voucher component and
the document dynamically from the repository when the getDocument() retrieve the document dynamically from the repository when the
method is called. getDocument() method is called.
5.8.1 getIdentifier 5.8.1 getIdentifier
public String getIdentifier() public String getIdentifier()
Returns the identifier of the voucher component. Each voucher Returns the identifier of the voucher component. Each voucher
component must have a unique identifier. The identifier may be component must have a unique identifier. The identifier may be
used to check for equivalence of voucher components. used to check for equivalence of voucher components.
The format of the identifier is implementation-specific, however, it The format of the identifier is implementation-specific, however,
is RECOMMENDED to include the hash value of the voucher component in it is RECOMMENDED to include the hash value of the voucher
the identifier to assure its uniqueness. For generating the hash component in the identifier to assure its uniqueness. For
value, it is desirble to use a secure hash function, e.g., [SHA-1], generating the hash value, it is desirable to use a secure hash
and to apply a canonicalization function, e.g., [EXC-C14N], before function, e.g., [SHA-1], and to apply a canonicalization function,
applying the hash function to minimize the impact of insignificant e.g., [EXC-C14N], before applying the hash function to minimize the
format changes to the voucher component, e.g., line breaks or impact of insignificant format changes to the voucher component,
character encoding. e.g., line breaks or character encoding.
Returns: Returns:
The identifier string of the voucher component. The identifier string of the voucher component.
5.8.2 getDocument 5.8.2 getDocument
public org.w3c.dom.Document getDocument() public org.w3c.dom.Document getDocument()
Returns a Document Object Model [DOM] representation of the document Returns a Document Object Model [DOM] representation of the
associated with the voucher component by the document associated with the voucher component by the
VoucherComponentRepository#register() method. VoucherComponentRepository#register() method.
The DOM object to be returned may be retrieved from a The DOM object to be returned may be retrieved from a
VoucherComponentRepository on demand, instead of the VoucherComponent VoucherComponentRepository on demand, instead of the
always keeping a reference to the DOM object. VoucherComponent always keeping a reference to the DOM object.
The VTS must guarantee that the getDocument method will eventually The VTS must guarantee that the getDocument method will eventually
return the DOM object provided that the voucher associated with the return the DOM object provided that the voucher associated with the
corresponding voucher component exists in the VVS. corresponding voucher component exists in the VVS.
Returns: Returns:
a DOM representation of the document associated with the voucher a DOM representation of the document associated with the voucher
component. component.
skipping to change at page 22, line 28 skipping to change at page 24, line 6
retrieved. retrieved.
5.9 ReceptionListener 5.9 ReceptionListener
public interface ReceptionListener extends java.util.EventListener public interface ReceptionListener extends java.util.EventListener
Provides a listener interface that provides notification that a Provides a listener interface that provides notification that a
VTSAgent has been received a voucher. VTSAgent has been received a voucher.
When a voucher arrives at VTSAgent, the VTSAgent invokes arrive() When a voucher arrives at VTSAgent, the VTSAgent invokes arrive()
method of each registered ReceptionListener. ReceptionListeners can method of each registered ReceptionListener. ReceptionListeners
obtain a Session object, which contains information about the can obtain a Session object, which contains information about the
received voucher and the sender of the voucher. received voucher and the sender of the voucher.
This interface is intended to provide a means of notifying a wallet This interface is intended to provide a means of notifying a wallet
that "You have new vouchers", so that this interface may be that "You have new vouchers", so that this interface may be
implemented by wallets or other applications using VTS. implemented by wallets or other applications using VTS.
5.9.1 arrive 5.9.1 arrive
public void arrive(Session session) public void arrive(Session session)
Provides notification of the arrival of a voucher. Provides notification of the arrival of a voucher.
After the listener is registered to a VTSAgent (by the After the listener is registered to a VTSAgent (by the
VTSAgent#addReceptionListener() method), the VTSAgent invokes this VTSAgent#addReceptionListener() method), the VTSAgent invokes this
method whenever it receives a voucher. method whenever it receives a voucher.
The specified session is equivalent to the session used by the sender The specified session is equivalent to the session used by the
to trade the voucher. The state of the session is "completed" when sender to trade the voucher. The state of the session is
this method is called. "completed" when this method is called.
5.10 Exceptions 5.10 Exceptions
java.lang.Exception java.lang.Exception
+-- VTSException +-- VTSException
+-- CannotProceedException +-- CannotProceedException
+-- DocumentNotFoundException +-- DocumentNotFoundException
+-- FeatureNotAvailableException +-- FeatureNotAvailableException
+-- InsufficientVoucherException +-- InsufficientVoucherException
+-- InvalidParticipantException +-- InvalidParticipantException
+-- InvalidStateException +-- InvalidStateException
+-- VTSSecurityException +-- VTSSecurityException
VTSException VTSException
This is the superclass of all exceptions thrown by the methods
This is the superclass of all exceptions thrown by the methods in the in the interfaces constructs the VTS-API.
interfaces constructs the VTS-API.
CannotProceedException CannotProceedException
This exception is thrown when a trading is interrupted due to This exception is thrown when a trading is interrupted due to
network failures or other errors. network failures or other errors.
DocumentNotFoundException DocumentNotFoundException
This exception is thrown when the document associated with a
This exception is thrown when the document associated with a voucher voucher component cannot be found.
component cannot be found.
FeatureNotAvailableException FeatureNotAvailableException
This exception is thrown when the invoked method is not sup-
This exception is thrown when the invoked method is not supported. ported.
InsufficientVoucherException InsufficientVoucherException
This exception is thrown when the number of the voucher is
This exception is thrown when the number of the voucher is less than less than the number specified to trade.
the number specified to trade.
InvalidParticipantException InvalidParticipantException
This exception is thrown when the specified participant cannot
This exception is thrown when the specified participant cannot be be located.
located.
InvalidStateException InvalidStateException
This exception is thrown when the state of the session is
This exception is thrown when the state of the session is invalid to invalid to proceed the operation.
proceed the operation.
VTSSecurityException VTSSecurityException
This exception is thrown when authentication fails or a method This exception is thrown when authentication fails or a method
which requires authentication in advance is called without which requires authentication in advance is called without
authentication. authentication.
6. Example Code 6. Example Code
// Issue a voucher // Issue a voucher
VTSManager vts = new FooVTSManager(); VTSManager vts = new FooVTSManager();
ParticipantRepository addrBook = vts.getParticipantRepository(); ParticipantRepository addrBook = vts.getParticipantRepository();
skipping to change at page 24, line 4 skipping to change at page 25, line 29
which requires authentication in advance is called without which requires authentication in advance is called without
authentication. authentication.
6. Example Code 6. Example Code
// Issue a voucher // Issue a voucher
VTSManager vts = new FooVTSManager(); VTSManager vts = new FooVTSManager();
ParticipantRepository addrBook = vts.getParticipantRepository(); ParticipantRepository addrBook = vts.getParticipantRepository();
VoucherComponentRepository vcr = vts.getVoucherComponentRepository(); VoucherComponentRepository vcr = vts.getVoucherComponentRepository();
Participant you = addrBook.lookup("http://foo.bar/baz");
Participant you = addrBook.lookup("http://example.org/foo");
// looks up a trading partner identified as "http://example.org/foo".
VTSAgent me = addrBook.lookup("myName").getVTSAgent(); VTSAgent me = addrBook.lookup("myName").getVTSAgent();
// a short-cut name may be used if VTS implementation allows.
VoucherComponent promise = vcr.register(anXMLVoucherDocument); VoucherComponent promise = vcr.register(anXMLVoucherDocument);
// registers a voucher component corresponding to the voucher to
// be issued.
try { try {
me.login(); me.login();
// sets up the issuer's smartcard (assuming distributed VTS).
s = me.prepare(you); s = me.prepare(you);
// receives a challenge from the partner.
me.issue(s, promise, 1); me.issue(s, promise, 1);
// sends a voucher using the received challenge.
me.logout(); me.logout();
} catch (VTSException e) { } catch (VTSException e) {
System.err.println("Sorry!"); // if an error (e.g. a network trouble) occurs...
System.err.println("Sorry.");
e.printStackTrace(); e.printStackTrace();
// this example simply prints a stack trace, but a real wallet
// may prompt the user to retry (or cancel).
} }
// Transfer all my vouchers // Transfer all my vouchers
VTSManager vts = new FooVTSManager(); VTSManager vts = new FooVTSManager();
ParticipantRepository addrBook = vts.getParticipantRepository(); ParticipantRepository addrBook = vts.getParticipantRepository();
Participant you = addrBook.lookup("http://foo.bar/baz"); Participant you = addrBook.lookup("8f42 5aab ffff cafe babe...");
// some VTS implementations would use a hash value of a public key
// (aka fingerprint) as an identifier of a participant.
VTSAgent me = addrBook.lookup("myName").getVTSAgent(); VTSAgent me = addrBook.lookup("myName").getVTSAgent();
try { try {
me.login(); me.login();
Iterator i = me.getContents(null, null).iterator(); Iterator i = me.getContents(null, null).iterator();
while (i.hasNext) { while (i.hasNext()) {
Voucher v = (Voucher) i.next(); Voucher v = (Voucher) i.next();
s = me.prepare(you); s = me.prepare(you);
me.transfer(s, v.getIssuer(), v.getPromise(), v.getCount()); me.transfer(s, v.getIssuer(), v.getPromise(), v.getCount());
} }
me.logout(); me.logout();
} catch (VTSException e) { } catch (VTSException e) {
System.err.println("Sorry!"); System.err.println("Sorry.");
e.printStackTrace(); e.printStackTrace();
} }
// Register an incoming voucher notifier (biff) // Register an incoming voucher notifier (biff)
VTSManager vts = new FooVTSManager(); VTSManager vts = new FooVTSManager();
ParticipantRepository addrBook = vts.getParticipantRepository(); ParticipantRepository addrBook = vts.getParticipantRepository();
VTSAgent me = addrBook.lookup("myName").getVTSAgent(); VTSAgent me = addrBook.lookup("myName").getVTSAgent();
skipping to change at page 25, line 8 skipping to change at page 26, line 48
public void arrive(Session s) { public void arrive(Session s) {
System.out.println("You got a new voucher."); System.out.println("You got a new voucher.");
} }
}; };
try { try {
me.login(); me.login();
me.addReceptionListener(listener); me.addReceptionListener(listener);
me.logout(); me.logout();
} catch (VTSException e) { } catch (VTSException e) {
System.err.println("Sorry!"); System.err.println("Sorry.");
e.printStackTrace(); e.printStackTrace();
} }
7. Security Considerations 7. Security Considerations
Security is very important for trading vouchers. VTS implementations
are responsible for preventing illegal acts upon vouchers as
described in [VTS], as well as preventing malicious accesses from
invalid users and fake server attacks including man-in-the-middle
attacks.
This document assumes that the VTS plug-in is trusted. The caller The means to achieve the above requirements are not specified in this
application of a VTS should authenticate the VTS plug-in and bind it document since it depends on VTS implementation, however, securing
securely using the VTS Provider information specified in the Voucher communication channels (e.g. using TLS) between client VTS plug-ins
Component. This document, however, does not specify any application and the central server in a centralized VTS (as described in 5.4.1
authentication scheme and it is assumed to be specified by other login()) and applying cryptographic challenge-and-response techniques
related standards. Until various VTS systems are deployed, it is in a distributed VTS are likely helpful and strongly recommended to
enough to manually check and install VTS plug-ins like other download implement a secure VTS.
applications.
To protect vouchers from being stolen, the VTSAgent must be This document assumes that the VTS plug-in is trusted by its user.
authenticated securely. This document introduced a login/logout The caller application of a VTS should authenticate the VTS plug-in
facility for this purpose (see Section 5.4). and bind it securely using the VTS Provider information specified in
the Voucher Component. This document, however, does not specify any
application authentication scheme and it is assumed to be specified
by other related standards. Until various VTS systems are deployed,
it is enough to manually check and install VTS plug-ins like other
download applications.
8. Normative References 8. Normative References
[DOM] V. Apparao, S. Byrne, M. Champion, S. Isaacs, I. Jacobs, A. Le [DOM] V. Apparao, S. Byrne, M. Champion, S. Isaacs, I. Jacobs, A. Le
Hors, G. Nicol, J. Robie, R. Sutor, C. Wilson, and L. Wood. Hors, G. Nicol, J. Robie, R. Sutor, C. Wilson, and L. Wood. "Docu-
"Document Object Model (DOM) Level 1 Specification", W3C ment Object Model (DOM) Level 1 Specification", W3C Recommendation,
Recommendation, October 1998, October 1998, <http://www.w3.org/TR/1998/REC-DOM-Level-1-19981001/>
<http://www.w3.org/TR/1998/REC-DOM-Level-1-19981001/>
[GVL] K. Fujimura and M. Terada, "XML Voucher: Generic Voucher [GVL] K. Fujimura and M. Terada, "XML Voucher: Generic Voucher Lan-
Language", draft-ietf-trade-voucher-lang-05.txt, 2003. guage", draft-ietf-trade-voucher-lang-06.txt, 2004.
[RFC2119] S. Bradner, "Key words for use in RFCs to Indicate [RFC2119] S. Bradner, "Key words for use in RFCs to Indicate Require-
Requirement Levels", BCP 14, RFC 2119, 1997. ment Levels", BCP 14, RFC 2119, 1997.
9. Informative References 9. Informative References
[ECML] J. W. Parsons and D. Eastlake "Electronic Commerce Modeling [ECML] J. W. Parsons and D. Eastlake "Electronic Commerce Modeling
Language (ECML) Version 2 Specification", Language (ECML) Version 2 Specification", draft-ietf-trade-
draft-ietf-trade-ecml2-spec-08.txt, 2003. ecml2-spec-09.txt, 2004.
[EXC-C14N] J. Boyer, D. Eastlake, and J. Reagle, "Exclusive XML [EXC-C14N] J. Boyer, D. Eastlake, and J. Reagle, "Exclusive XML
Canonicalization Version 1.0", W3C Recommendation, July 2002, Canonicalization Version 1.0", W3C Recommendation, July 2002,
<http://www.w3.org/TR/2002/REC-xml-exc-c14n-20020718/> <http://www.w3.org/TR/2002/REC-xml-exc-c14n-20020718/>
[GPSF] G. Lacoste, B. Pfitzmann, M. Steiner, and M. Waidner (Eds.), [GPSF] G. Lacoste, B. Pfitzmann, M. Steiner, and M. Waidner (Eds.),
"SEMPER - Secure Electronic Marketplace for Europe," LNCS 1854, "SEMPER - Secure Electronic Marketplace for Europe," LNCS 1854,
Springer-Verlag, 2000. Springer-Verlag, 2000.
[IOTP] D. Burdett, "Internet Open Trading Protocol - IOTP Version [IOTP] D. Burdett, "Internet Open Trading Protocol - IOTP Version
1.0", RFC 2801, 2000. 1.0", RFC 2801, 2000.
[JCC] Sun Microsystems Inc., "Java Commerce Client", [JCC] T. Goldstein, "The Gateway Security Model in the Java Elec-
<http://java.sun.com/products/commerce/>. tronic Commerce Framework", Proc. of Financial Cryptography '97,
1997.
[SHA-1] Department of Commerce/National Institute of Standards and [SHA-1] Department of Commerce/National Institute of Standards and
Technology, "FIPS PUB 180-1. Secure Hash Standard. U.S.", Technology, "FIPS PUB 180-1. Secure Hash Standard. U.S.",
<http://csrc.nist.gov/publications/fips/fips180-1/fip180-1.txt> <http://csrc.nist.gov/publications/fips/fips180-1/fip180-1.txt>
[VTS] K. Fujimura, "Requirements and Design for Voucher Trading [VTS] K. Fujimura and D. Eastlake, "Requirements and Design for
System (VTS)", draft-ietf-trade-drt-requirements-04.txt, 2002. Voucher Trading System (VTS)", RFC3506, 2003.
In RFC Editor queue.
10. Author's Address 10. Author's Address
Masayuki Terada and Ko Fujimura Masayuki Terada
NTT DoCoMo, Inc.
3-5 Hikari-no-oka, Yokosuka-shi, Kanagawa, 239-0847 JAPAN
Phone: +81-(0)46-840-3809
Fax: +81-(0)46-840-3364
Email: te@mml.yrp.nttdocomo.co.jp
Ko Fujimura
NTT Corporation NTT Corporation
1-1 Hikari-no-oka, Yokosuka-shi, Kanagawa, 239-0847 JAPAN 1-1 Hikari-no-oka, Yokosuka-shi, Kanagawa, 239-0847 JAPAN
Phone: +81-(0)46-859-3814 Phone: +81-(0)46-859-3814
Fax: +81-(0)46-859-8329 Fax: +81-(0)46-859-8329
Email: terada@isl.ntt.co.jp, fujimura@isl.ntt.co.jp Email: fujimura@isl.ntt.co.jp
Full Copyright Statement Full Copyright Statement
Copyright (C) The Internet Society (2003). All Rights Reserved. Copyright (C) The Internet Society (2004). All Rights Reserved.
This document and translations of it may be copied and furnished to This document and translations of it may be copied and furnished to
others, and derivative works that comment on or otherwise explain it others, and derivative works that comment on or otherwise explain it
or assist in its implementation may be prepared, copied, published or assist in its implementation may be prepared, copied, published
and distributed, in whole or in part, without restriction of any and distributed, in whole or in part, without restriction of any
kind, provided that the above copyright notice and this paragraph are kind, provided that the above copyright notice and this paragraph are
included on all such copies and derivative works. However, this included on all such copies and derivative works. However, this doc-
document itself may not be modified in any way, such as by removing ument itself may not be modified in any way, such as by removing the
the copyright notice or references to the Internet Society or other copyright notice or references to the Internet Society or other
Internet organizations, except as needed for the purpose of Internet organizations, except as needed for the purpose of develop-
developing Internet standards in which case the procedures for ing Internet standards in which case the procedures for copyrights
copyrights defined in the Internet Standards process must be defined in the Internet Standards process must be followed, or as
followed, or as required to translate it into languages other than required to translate it into languages other than English.
English.
The limited permissions granted above are perpetual and will not be The limited permissions granted above are perpetual and will not be
revoked by the Internet Society or its successors or assigns. revoked by the Internet Society or its successors or assigns.
This document and the information contained herein is provided on an This document and the information contained herein is provided on an
"AS IS" basis and THE INTERNET SOCIETY AND THE INTERNET ENGINEERING "AS IS" basis and THE INTERNET SOCIETY AND THE INTERNET ENGINEERING
TASK FORCE DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING TASK FORCE DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING
BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION
HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF MER-
MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. CHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.
 End of changes. 

This html diff was produced by rfcdiff 1.25, available from http://www.levkowetz.com/ietf/tools/rfcdiff/